[WordPress Custom Login Admin Front-end CSS Plugin](versions 1.4.1 and older) Vulnerability to Server-Side Request Forgery (SSRF)

Importance (CVSS3.0)

★★★★★★★★☆☆ 8.2 / 10 - High

Details

A Server-Side Request Forgery (SSRF) vulnerability was discovered in WordPress Custom Login Admin Front-end CSS Plugin.

This vulnerability may allow malicious attackers to execute a website request to their arbitrary domain.

This vulnerability has been fixed in version 1.5.

Solutions

Update WordPress Custom Login Admin Front-end CSS Plugin to the latest version (at least 1.5 and newer).

Source

CVE-2023-40700

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress Custom Login Admin Front-end CSS Plugin](versions 1.4.1 and older) Vulnerability to Server-Side Request Forgery (SSRF) ”, by WS Security is licensed under CC BY 4.0.